Application for autonomous decentralized multi layer cache system

Hironao Takahashi, Hafiz Farooq Ahmad, Kinji Mori

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Web service demand is heterogeneous and it is expanding day by day. Malicious web attacks particularly at application layer, are also increasing significantly. It is estimated eighty percent (80%) malicious attacks are web application layer attacks such as Cross Site Scripting and SQL injection. Such attacks have affected financial organizations, government institutes, hospitals and enterprise companies and so on. It is required to detect such attacks instantly to maintain the safe operations. Existing Web Application Firewalls (WAF) aim at protection of web application attacks using Black and White list based approach Black list based WAFs operate at security operation center (SOC) to protect known attacks and it is easy to maintain same black list by other WAF nodes. However, white list independent signature from each Web service and it is generated by each web site policy. When the event of WAF fails, other WAF doesn't have same level of White list at that time. Black list is common type of signature and it can be keep the assurance by multiple WAF nodes or proxy node but White list is individual type of signature and can't maintain assurance by same policy of node. Therefore, to maintain high detection rate, dynamic adaptability of White list is required. It also requires online property and timeliness response. To solve these issues, an integrated Autonomous Decentralized Multi Layer Cache (ADMLC) system with Web Application Firewall is proposed. Evaluation shows that proposed architecture detection rate is much better than other traditional WAF based systems.

Original languageEnglish
Title of host publicationProceedings - 2011 10th International Symposium on Autonomous Decentralized Systems, ISADS 2011
Pages113-120
Number of pages8
DOIs
Publication statusPublished - 2011
Externally publishedYes
Event2011 10th International Symposium on Autonomous Decentralized Systems, ISADS 2011 - Tokyo and Hiroshima
Duration: 2011 Mar 232011 Mar 27

Other

Other2011 10th International Symposium on Autonomous Decentralized Systems, ISADS 2011
CityTokyo and Hiroshima
Period11/3/2311/3/27

Fingerprint

Web services
Websites
Industry

Keywords

  • ADMLC system
  • Blacklist
  • WAF
  • White list

ASJC Scopus subject areas

  • Artificial Intelligence
  • Control and Systems Engineering

Cite this

Takahashi, H., Ahmad, H. F., & Mori, K. (2011). Application for autonomous decentralized multi layer cache system. In Proceedings - 2011 10th International Symposium on Autonomous Decentralized Systems, ISADS 2011 (pp. 113-120). [5741287] https://doi.org/10.1109/ISADS.2011.20

Application for autonomous decentralized multi layer cache system. / Takahashi, Hironao; Ahmad, Hafiz Farooq; Mori, Kinji.

Proceedings - 2011 10th International Symposium on Autonomous Decentralized Systems, ISADS 2011. 2011. p. 113-120 5741287.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Takahashi, H, Ahmad, HF & Mori, K 2011, Application for autonomous decentralized multi layer cache system. in Proceedings - 2011 10th International Symposium on Autonomous Decentralized Systems, ISADS 2011., 5741287, pp. 113-120, 2011 10th International Symposium on Autonomous Decentralized Systems, ISADS 2011, Tokyo and Hiroshima, 11/3/23. https://doi.org/10.1109/ISADS.2011.20
Takahashi H, Ahmad HF, Mori K. Application for autonomous decentralized multi layer cache system. In Proceedings - 2011 10th International Symposium on Autonomous Decentralized Systems, ISADS 2011. 2011. p. 113-120. 5741287 https://doi.org/10.1109/ISADS.2011.20
Takahashi, Hironao ; Ahmad, Hafiz Farooq ; Mori, Kinji. / Application for autonomous decentralized multi layer cache system. Proceedings - 2011 10th International Symposium on Autonomous Decentralized Systems, ISADS 2011. 2011. pp. 113-120
@inproceedings{439c1c0007d6495a91c57bf5fccd1fef,
title = "Application for autonomous decentralized multi layer cache system",
abstract = "Web service demand is heterogeneous and it is expanding day by day. Malicious web attacks particularly at application layer, are also increasing significantly. It is estimated eighty percent (80{\%}) malicious attacks are web application layer attacks such as Cross Site Scripting and SQL injection. Such attacks have affected financial organizations, government institutes, hospitals and enterprise companies and so on. It is required to detect such attacks instantly to maintain the safe operations. Existing Web Application Firewalls (WAF) aim at protection of web application attacks using Black and White list based approach Black list based WAFs operate at security operation center (SOC) to protect known attacks and it is easy to maintain same black list by other WAF nodes. However, white list independent signature from each Web service and it is generated by each web site policy. When the event of WAF fails, other WAF doesn't have same level of White list at that time. Black list is common type of signature and it can be keep the assurance by multiple WAF nodes or proxy node but White list is individual type of signature and can't maintain assurance by same policy of node. Therefore, to maintain high detection rate, dynamic adaptability of White list is required. It also requires online property and timeliness response. To solve these issues, an integrated Autonomous Decentralized Multi Layer Cache (ADMLC) system with Web Application Firewall is proposed. Evaluation shows that proposed architecture detection rate is much better than other traditional WAF based systems.",
keywords = "ADMLC system, Blacklist, WAF, White list",
author = "Hironao Takahashi and Ahmad, {Hafiz Farooq} and Kinji Mori",
year = "2011",
doi = "10.1109/ISADS.2011.20",
language = "English",
isbn = "9780769543499",
pages = "113--120",
booktitle = "Proceedings - 2011 10th International Symposium on Autonomous Decentralized Systems, ISADS 2011",

}

TY - GEN

T1 - Application for autonomous decentralized multi layer cache system

AU - Takahashi, Hironao

AU - Ahmad, Hafiz Farooq

AU - Mori, Kinji

PY - 2011

Y1 - 2011

N2 - Web service demand is heterogeneous and it is expanding day by day. Malicious web attacks particularly at application layer, are also increasing significantly. It is estimated eighty percent (80%) malicious attacks are web application layer attacks such as Cross Site Scripting and SQL injection. Such attacks have affected financial organizations, government institutes, hospitals and enterprise companies and so on. It is required to detect such attacks instantly to maintain the safe operations. Existing Web Application Firewalls (WAF) aim at protection of web application attacks using Black and White list based approach Black list based WAFs operate at security operation center (SOC) to protect known attacks and it is easy to maintain same black list by other WAF nodes. However, white list independent signature from each Web service and it is generated by each web site policy. When the event of WAF fails, other WAF doesn't have same level of White list at that time. Black list is common type of signature and it can be keep the assurance by multiple WAF nodes or proxy node but White list is individual type of signature and can't maintain assurance by same policy of node. Therefore, to maintain high detection rate, dynamic adaptability of White list is required. It also requires online property and timeliness response. To solve these issues, an integrated Autonomous Decentralized Multi Layer Cache (ADMLC) system with Web Application Firewall is proposed. Evaluation shows that proposed architecture detection rate is much better than other traditional WAF based systems.

AB - Web service demand is heterogeneous and it is expanding day by day. Malicious web attacks particularly at application layer, are also increasing significantly. It is estimated eighty percent (80%) malicious attacks are web application layer attacks such as Cross Site Scripting and SQL injection. Such attacks have affected financial organizations, government institutes, hospitals and enterprise companies and so on. It is required to detect such attacks instantly to maintain the safe operations. Existing Web Application Firewalls (WAF) aim at protection of web application attacks using Black and White list based approach Black list based WAFs operate at security operation center (SOC) to protect known attacks and it is easy to maintain same black list by other WAF nodes. However, white list independent signature from each Web service and it is generated by each web site policy. When the event of WAF fails, other WAF doesn't have same level of White list at that time. Black list is common type of signature and it can be keep the assurance by multiple WAF nodes or proxy node but White list is individual type of signature and can't maintain assurance by same policy of node. Therefore, to maintain high detection rate, dynamic adaptability of White list is required. It also requires online property and timeliness response. To solve these issues, an integrated Autonomous Decentralized Multi Layer Cache (ADMLC) system with Web Application Firewall is proposed. Evaluation shows that proposed architecture detection rate is much better than other traditional WAF based systems.

KW - ADMLC system

KW - Blacklist

KW - WAF

KW - White list

UR - http://www.scopus.com/inward/record.url?scp=79955721869&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=79955721869&partnerID=8YFLogxK

U2 - 10.1109/ISADS.2011.20

DO - 10.1109/ISADS.2011.20

M3 - Conference contribution

AN - SCOPUS:79955721869

SN - 9780769543499

SP - 113

EP - 120

BT - Proceedings - 2011 10th International Symposium on Autonomous Decentralized Systems, ISADS 2011

ER -